Wednesday, April 06, 2005

Arbitrary memory exposure vulnerability

This just in: Secunia has found a bug in Firefox 1.0.2 that allows a JavaScript program to reveal "arbitrary amounts of heap memory". The bug in Bugzilla was filed on the 1st of April (alas, not a fool's day joke), and was fixed on the trunk that same day. So this bug will be fixed for 1.0.3, which should be coming as soon as the final bugs are squashed.

The bug allows any amount of heap memory to be read. The test case given by Secunia showed several interesting strings in my case: visited URLs, information on some extensions I am using, and even the text of this post as I am writing it. I don't know for sure, but it seems very likely that passwords and other sensitive information can be read in this way. The solution: disable JavaScript.


Post a Comment

Links to this post:

Create a Link

<< Home